hccf.onmy.cloud

.self: A new top-level domain designed to support self-hosting

HumanCCF · 667 points · 378 comments · kemarin

Comments

5 preview comments · loading full thread
goldenarmkemarin

Remember when the .tk TLD became free 20 years ago ? Every hobbyist took one, then scammers followed, then Facebook and antiviruses started blocking it. I remember publishing a website for a class on my .tk domain, the teacher couldn't open it and I almost got a failing grade because of it.

vesseneskemarin

Hi there. I've done a bit of work on specifying human-centric identity goals for the internet over the last 10 years. May I suggest you look at Microsoft Vega? https://www.microsoft.com/en-us/research/blog/vega-zero-know... (I have no affiliation). In brief, I think they aim to solve the most important needs for online identity-gated services in a maximally private way. For instance, I'd like to see .self offer the following: a single domain to any person in the world with identity blinded. I can imagine two 'tranches': say xxx.v.self for 'verified' and xxx.u.self for 'unverified'. Both would use a Zero Knowledge proof to confirm they had not already registered a domain; verified would register with you guys or a data broker some PII in case it was needed for verification / checks / etc, while unverified would maintain the promise of one domain = one person, but not allow the TLD or registrars to be able to unblind which person it is. Use cases like this would be really fantastic. And, obviously could be tested out and tried on a normal domain name while you make your pitch, and put in for the auction / however ICANN is currently managing TLD launches.

anilgulechakemarin

The "one free domain per person" isn't the interesting part really - that will be hard to police unless domain name is a function of ID proof (avoids squatting). 0) The actual intersting part of a new TLD can be growing reputation by post-facto taking away a domain without recourse in case of squatting. Instead of adversarial takedowns (which produce false positives as noted), let anyone challenge an inactive domain in the first year or two. 1) If they can figure out a mechanism for moving a domain from "assigned" -> "squatted". 2) Domain must match (or derive from) a verified identity - e.g. your domain is a hash/slug of your government ID. Makes squatting structurally impossible because you can't claim someone else's name / gov (Sign in with passkeys linked to a national ID). 3) Proof of human effort, reduced with time - require periodic renewal with proof-of-use (DNS TXt updates, through a flow hard to automate). 4) Kill speculative market - domains are non-sellable and non-transferable - always go back to the free pool, and stay there for 30 days mandatorily. Some mix of these could be the right structure for a trule high-reputation, free domain.

greyface-kemarin

https://hccf.onmy.cloud/wp-content/uploads/2026/06/dot-self.... > Everyone entitled to a subdomain at no cost How are you going to pay for the (substantial) cost of running a TLD without registration fee revenue? Is this a loss leader for other services? Are you operating on a 100% donation model? > No parking, squatting, or reselling How do you plan to tell the difference between a parked/squatted domain and one in legitimate use but offering no public-facing services?

BLKNSLVRkemarin

I'm just being a negative nancy here, but I don't think I'd want to advertise that any of my sites are specifically self hosted, in that it kinda asks for ... security probing, since it's more likely than not got less than professional security surrounding it. Having said that gestures to the entirety of the internet So maybe not such a big deal.